Skip to content

Password validation

Customize password validation rules to enhance the security of user accounts in WSO2 Identity Server.

Configuration instructions

To configure password validation rules, follow the steps below:

  1. On the WSO2 Identity Server Console, go to Login & Registration > Login Security > Password Validation.
  2. Adjust the settings according to your security requirements.

    Password Validation Configuration

    Parameter Description
    Password Expiration Defines the number of days after which a password must be changed.
    Password History Count Specifies the number of unique new passwords a user must use before an old password can be reused.
    Password Input Validation Sets requirements for password complexity, including length and character types.

  3. Click Update to save the changes.

Validation for whitespace in passwords

WSO2 Identity Server automatically trims leading and trailing whitespace from passwords when creating, updating, or when entering passwords to login.